The Perception of Industrial Control Systems Cyber Security

Cyber security in industrial control systems (ICS) is poised to delay the adoption of Industry 4.0. Many business leaders find it hard to understand ICS cyber security challenges as there are many factors contributing to their complexity. Furthermore, the engineers developing solutions for industrial control systems have likely not seen significant cyber security requirements at the device level. Traditional methods for securing industrial control systems have relied on limiting access to networks and devices, and monitoring network traffic through information technology (IT) solutions. A product lead working on devices in a factory will find it easy to dismiss cyber security as an IT problem. However, the traditional methods for securing industrial control systems will no longer be sufficient as Industry 4.0 looms on the horizon. The challenges of ICS cyber security will ultimately delay the adoption of Industry 4.0 if companies do not have a strategy to address device security at the edge. In order to adopt and capitalize on Industry 4.0, cyber security needs to be a critical part of the business plan. Analog Devices recognizes the challenges that Industry 4.0 brings to the market. Although the industrial market has traditionally been slow to change, the adoption of Industry 4.0 has occurred at a record pace that exceeds expectations. With these changes, cyber security is becoming one of the most challenging obstacles to the adoption of Industry 4.0. ICS cyber security standards and guidelines are in place or being established to secure the factory, but they do not provide guidance on how to accelerate Industry 4.0 initiatives. It is our mission to enable our customers to more rapidly adopt Industry 4.0 solutions by extending the secure edge and making it easier to implement security.

Figure 1. Edge devices require transition to adopt for Industry 4.0.

Industry 4.0 Is Changing Industrial Control Systems Cyber Security

There is a reason Industry 4.0 is changing the ICS cyber security problem. The very nature of Industry 4.0 is to increase access and accessibility of control of the devices in the factory. This means increased access to the data to expand transparency, reduce network planning, lower CapEx, reduce OpEx, improve bandwidth, and optimize machine interworking. Increasing access and accessibility of control means that the cyber security risk assessment of the factory system is changing. ICS cyber security solutions need to adapt to address the changing risk, and traditional countermeasures applied to the system, such as firewalls and placing a device behind a locked door, are counterintuitive to the goals of Industry 4.0. This means devices will need to be security hardened to enable increased functionality in a secure method. Identity and integrity will be at the core of every device in the field to enable trusted data and secure operation.

There are many different standards in the industrial market that provide guidance on implementing security in industrial control systems. For example, NIST provides security guidance with U.S. governance. IEC 62443 is a security standard in draft form for the international market with governance in Europe. These are two of the most predominant standards, providing useful guidelines for implementing security and assessing one’s security posture for industrial control systems; however, they do not provide guidance on how to accelerate the adoption of Industry 4.0. IEC 62443 is currently absent any guidelines for implementing security below the PLC and an ISA99 working group has recently been established to address cyber security at the bottom layers of the factory within the IEC 62443 framework. Today, to meet an acceptable security posture of a system, countermeasures must be applied to devices that do not reach a sufficient level of security. These countermeasures typically rely on methods such as firewalls to limit access and section off or isolate vulnerable devices. In the future, devices will need to reach higher security levels to enable the transition to Industry 4.0.

Analog Devices is in a unique position to extend the secure edge. Our traditional market space is at the physical edge, where the real world is translated into digital signals and data is born. This gives us the opportunity to establish trust in data by providing identity and integrity much earlier in the signal chain and establish a new definition of the secure edge. Traditionally, the secure edge has originated at gateways, PLCs, or even servers in the industrial control systems security framework.

This view is reminiscent of the traditional IT cyber security view of the factory but it persists throughout the industry. The prospect of driving the secure edge lower in the signal chain is enticing because it enables higher confidence in the decisions that are being made from that data. The earlier identity and integrity can be established in the signal chain, the more trust and confidence can be placed in the data that is driving decisions.

ICS cyber security cannot be addressed by a one size fits all solution and an in-depth defense approach must be adopted and applied based on the risk assessment of the system. Analog Devices has a strategy to extend the depth of ICS cyber security as Ethernet is adopted at the edge. Enabling Industry 4.0 requires the factory to adopt new connectivity methodologies. This means that Ethernet has taken, and will continue to take, a larger role in industrial control systems. Analog Devices’ security strategy is to focus on where there is Ethernet connectivity because this significantly changes the impact any one device on the network has on the system. Our current family of industrial Ethernet solutions and TSN solutions has been the focus of our security development. In the near term, the fido5000, RapID® Platform that provides 2-port, multi-protocol connectivity will be enabled with security features that provide key generation/management, secure boot, secure update, and secure memory access to protect against network bound attacks. The product family roadmap includes single-chip solutions that feature a hardware root of trust, secure device lifecycle management, secure communications/mutual authentication, and tamper protection. As the industry continues to adopt sensors with increased intelligence, connectivity will extend lower in the factory driving additional security requirements at the device level. Analog Devices is committed to developing a secure portfolio that enables easier adoption of ICS security solutions and establish trust at the edge to accelerate the adoption of Industry 4.0.

Об авторах

Erik Halthen

Erik Halthen, part of ADI’s acquisition of Sypris Electronics in 2016, brings extensive background in Cyber Security solutions. As part of ADI’s cyber security center of excellence, Erik has taken on the role of Market Development Manager, leveraging his experience as a Program Manager to develop leading security solutions that meet key market demands in Automotive, Industrial, and IoT. Erik’s experience leading teams in the development and integration of new security technologies combined with a strong background in business, partners with customers to revolutionize how IoT security is executed from the edge to the cloud.

Analog Devices Uses Cookies for Enhanced Online Performance

Some cookies are required for secure log-ins but others are optional for functional activities. Our data collection is used to improve our products and services. We recommend you accept our cookies to ensure you’re receiving the best performance and functionality our site can provide. For additional information you may view the cookie details. Read more about our privacy policy.

These are cookies that are required for the operation of analog.com or specific functionality offered. They either serve the sole purpose of carrying out network transmissions or are strictly necessary to provide an online service explicitly requested by you.

Analytics/Performance Cookies:

These cookies allow us to carry out web analytics or other forms of audience measuring such as recognizing and counting the number of visitors and seeing how visitors move around our website. This helps us to improve the way the website works, for example, by ensuring that users are easily finding what they are looking for.

Functionality Cookies:

These cookies are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region). Loss of the information in these cookies may make our services less functional, but would not prevent the website from working.

Targeting/Profiling Cookies:

These cookies record your visit to our website and/or your use of the services, the pages you have visited and the links you have followed. We will use this information to make the website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.